Change remote desktop (RDP) port on Windows Server 2016/2019 (Powershell)

It's highly recommended to change windows remote desktop default port for added security.

You can change the default port with a few easy steps, first, you'll change the port and define this port in a firewall rule.

Change RDP TCP port on Windows Server 2016

  1. Open registry editor app by searching for regedit in windows search or use RUN.
  2. Locate the following from regedit app: 
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
  3. look for PortNumber and right-click on it and Modify
  4. Make sure to select Decimal under Base option
  5. Change the port number to any number you prefer, let's say 1234 and click OK
  6. Quit the registry editor
  7. Open Firewall (Windows Defender Firewall with Advanced Security)
  8. From the left sidebar click on Inbound Rules
  9. From the right sidebar click on New Rule
  10. Select Port and click Next
  11. Select TCP and type the port number in Specific local port and click Next until you reach the step where you asked to enter a rule name, give the rule a name and Click Finish. (Repeat from #7 to #11 for UDP)
  12. Restart the server or execute this PowerShell command Restart-Service -Force -DisplayName "Remote Desktop Services"
  13. Try to connect to RDP as usual but when you type the IP, don't forget to type the custom port number after the IP in this format IP:Port (e.g. 192.168.1.5:1234)

 

PowerShell

You can also change the RDP port by running the following PowerShell commands. In this command, we'll specify the new RDP port as 1234.

To add a new RDP Port to the registry:

Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber" -Value 1234

 

Then Add Firewall Rule to open port 1234 on the Public profile using PowerShell

New-NetFirewallRule -DisplayName 'RDPPORT_TCP' -Profile 'Public' -Direction Inbound -Action Allow -Protocol TCP -LocalPort 1234

Repeat to open UDP port 1234 (recommended)

New-NetFirewallRule -DisplayName 'RDPPORT_UDP' -Profile 'Public' -Direction Inbound -Action Allow -Protocol UDP -LocalPort 1234

 

Restart Remote Desktop Service from PowerShell

Restart-Service -Force -DisplayName "Remote Desktop Services"

 

Find this tutorial on Microsoft.com:
https://support.microsoft.com/en-gb/help/306759/how-to-change-the-listening-port-for-remote-desktop

Watch Video Tutorialhttps://www.youtube.com/watch?v=k8mswkiok70

  • windows server, rdp, port, remote desktop
  • 3659 Users Found This Useful
Was this answer helpful?

Related Articles

How to change administrator username on windows server

Changing administrator username is very important for your windows server security.To change it...

How to add a static IP to windows server?

Method (1)To add IP addresses to a Windows VPS or Windows Server, first open Command Prompt at...

How to change administrator password on Windows Server 2016/2019/2022

To change admin/user password on Windows Server 2016/2019/2022, please apply the following steps:...

How to fix clipboard issues on windows server 2016/2019

If you experience difficulties with the clipboard (copy/paste) on your windows server 2016...

How to send Alt+Ctrl+Del on Remote Desktop (RDP)

You can trigger ALT + CTRL + DEL screen on RDP session by one of the following methods:  1....